.
| Time |
Syscall Op |
Syscall Name |
| 2018-12-17T22:51:21.22942147Z | 171 | PC: 13280 | UNKNOWN! |
| 2018-12-17T22:51:21.23059758Z | 74 | PC: 1328e | Reallocate memory |
| 2018-12-17T22:51:21.233666075Z | 74 | PC: 13296 | Reallocate memory |
| 2018-12-17T22:51:21.235406655Z | 72 | PC: 1329d | Allocate memory |
| 2018-12-17T22:51:21.237413204Z | 53 | PC: 132bc | Get interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:51:21.240571908Z | 37 | PC: 132cc | Set interrupt vector (Interrupt = '33' AKA 'Random read') |
| 2018-12-17T22:51:21.242030788Z | 61 | PC: 9f87e | Open file |
| 2018-12-17T22:51:21.252711864Z | 87 | PC: 9f88e | Get or set file date and time |
| 2018-12-17T22:51:21.258340939Z | 63 | PC: 9f8aa | Read file or device (Read 3 bytes on handle 5) |
| 2018-12-17T22:51:21.264398057Z | 66 | PC: 9f9ac | Move file pointer |
| 2018-12-17T22:51:21.26612976Z | 44 | PC: 9fb13 | Get time 0x9fb13: push ds
0x9fb14: pop es
0x9fb15: mov ax, dx
0x9fb17: and ax, 3
0x9fb1a: cmp al, 3
0x9fb1c: jne 0x9fb22
0x9fb1e: nop
0x9fb1f: nop
0x9fb20: dec al
0x9fb22: mov cl, 3
0x9fb24: mul cl
0x9fb26: mov si, 0x3aa
0x9fb29: add si, ax
0x9fb2b: mov di, 0xd
0x9fb2e: movsb byte ptr es:[di], byte ptr [si]
0x9fb2f: inc di
0x9fb30: inc di
0x9fb31: movsw word ptr es:[di], word ptr [si]
0x9fb32: mov ax, dx
0x9fb34: shr ax, 2
|
| 2018-12-17T22:51:21.269103927Z | 44 | PC: 9fb76 | Get time 0x9fb76: mov ax, dx
0x9fb78: shr ax, 3
0x9fb7b: and ax, 3
0x9fb7e: cmp al, 3
0x9fb80: jne 0x9fb86
0x9fb82: nop
0x9fb83: nop
0x9fb84: dec al
0x9fb86: mov cl, 9
0x9fb88: mul cl
0x9fb8a: mov si, 0x3e0
0x9fb8d: add si, ax
0x9fb8f: mov di, 0
0x9fb92: movsw word ptr es:[di], word ptr [si]
0x9fb93: movsw word ptr es:[di], word ptr [si]
0x9fb94: movsw word ptr es:[di], word ptr [si]
0x9fb95: movsw word ptr es:[di], word ptr [si]
0x9fb96: movsb byte ptr es:[di], byte ptr [si]
0x9fb97: mov ax, dx
0x9fb99: shr ax, 1
|
| 2018-12-17T22:51:21.273128208Z | 44 | PC: 9fadd | Get time 0x9fadd: mov word ptr [0x1d], dx
0x9fae1: mov word ptr [0x45], dx
0x9fae5: mov word ptr [0x40f], dx
0x9fae9: call 0xafac7
0x9faec: mov ah, 0x40
0x9faee: mov cx, 0x62
0x9faf1: xor dx, dx
0x9faf3: int 0x21
0x9faf5: call 0xafac7
0x9faf8: call 0x9fafc
0x9fafb: ret
0x9fafc: mov ax, word ptr [0x14d]
0x9faff: mov word ptr [0x35], ax
0x9fb02: mov ax, word ptr [0x14f]
0x9fb05: mov word ptr [0x37], ax
0x9fb08: call 0xaf6e8
0x9fb0b: call 0xafac7
0x9fb0e: ret
0x9fb0f: mov ah, 0x2c
0x9fb11: int 0x21
|
| 2018-12-17T22:51:21.275591295Z | 64 | PC: 9faf5 | Write file or device (Write 98 bytes on handle 5) |
| 2018-12-17T22:51:21.278807757Z | 64 | PC: 9f6f9 | Write file or device (Write 1231 bytes on handle 5) |
| 2018-12-17T22:51:21.778460017Z | 66 | PC: 9f9cb | Move file pointer |
| 2018-12-17T22:51:21.780501071Z | 64 | PC: 9f9d5 | Write file or device (Write 3 bytes on handle 5) |
| 2018-12-17T22:51:21.786777602Z | 87 | PC: 9fa37 | Get or set file date and time |
| 2018-12-17T22:51:21.789690144Z | 62 | PC: 9fa3b | Close file |
| 2018-12-17T22:51:21.798828772Z | 61 | PC: 132e7 | Open file (Filename = '�@') |
| 2018-12-17T22:51:21.80755242Z | 62 | PC: 132ec | Close file |
| 2018-12-17T22:51:21.810945695Z | 9 | PC: 12a49 | Display string (String= 'Viren Falle v0.90 - Opferdatei
(C)opyright by XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX') |
| 2018-12-17T22:51:21.817983135Z | 76 | PC: 12a4e | Terminate with return code (Return code = '0') |
